Incoming artificial intelligence (AI) legislation could increase the regulatory burden for banks using AI in their anti-money laundering (AML) and anti-fraud operations. For example, the European Parliament is hard at work on the much-anticipated Artificial Intelligence Act. Commentators have hailed the act as the world’s first set of “comprehensive rules for trustworthy AI.” While the requirements in the legislation may increase the burden on AML and fraud teams, technology that addresses the requirements already exists.
In this article, we’ll discuss how the AI act will impact banking AML and fraud processes and how built-for-purpose AI technology addresses new and existing regulatory requirements.
How the AI Act Will Impact Banking AML and Fraud Processes
Due to the significant impact AI-based decisions can have on EU citizens, the European Commission has already signaled that it may consider the use of AI in financial services “high risk” under the AI Act. However, the Commission has yet to make a final decision in this regard. While high risk classifications will come with a higher regulatory burden, the good news for regulated banks is this: the requirements of the AI Act won’t be much different from what regulatory and supervisory authorities such as BaFin or FINMA already expect.
While the rules for the use of AI add to the existing regulations for banks, the governance is similar. Governance for AI models must include control measures, including effective risk management. Banks already have risk management processes in place for AML and fraud, and AI systems with built-in risk management procedures already exist. This means that banks can comply with incoming legislation like the AI Act without a significant additional burden.
How Existing Technology Meets the AI Act’s Requirements for High-Risk AI Systems
The AI Act outlines risk management, data governance, documentation, transparency, oversight, and quality requirements for high-risk AI systems. Below, we discuss how building explainability and model governance processes into AI systems addresses these requirements.
Risk Management
The AI Act requires a risk-based approach to high-risk AI uses, so banks will need systems that support this approach. Machine learning lifecycle platforms like MLFlow and Neptune help to address the AI Act’s risk management requirements by tracking every step of the model training process. Systems incorporating these platforms allow for quick experimentation and testing, essential for creating effective AI models. They also automatically create a full audit trail. These testing and validation processes help banks apply the risk-based approach required by incoming regulations.
Data Quality & Data Governance
The AI Act requires data quality and data governance processes because they drive the effectiveness of AI models. Employing training, validation, and test datasets improves the outputs of AI systems. Monitoring and detecting bias or data drifts also ensures data quality. A system with these data quality and governance procedures in place ensures model effectiveness and compliance with coming AI regulations.
Technical Documentation & Record Keeping
The AI Act calls for robust and comprehensive technical documentation and record keeping. AI systems can help banks comply with these requirements by using machine learning lifecycle platforms, as well as automatically generating full audit trails. These processes ensure the bank has access to documentation of the processes and decisioning of AI models. Systems incorporating these processes will help ensure compliance with the documentation and record keeping requirements of the AI Act.
Transparency
The AI Act’s transparency requirements will promote the trust and acceptance of AI system. To foster transparency, every individual AI decision can and should be fully explainable and recorded with audit trails. The explanations of AI decisions should also be readily available for reporting to authorities. For effective transparency and explainability, systems should illustrate critical decision criteria in understandable human language, supported by statistical context. When systems include this level of explainability, they empower banks to efficiently give clear reports to regulatory bodies.
Human Oversight
The AI Act requires human oversight of AI systems, as it is critical to regulators trusting these systems and their outputs. Systems can ensure proper oversight by including transparent model governance processes. Model governance allows human operators to maintain strict controls over how AI systems are used. When a system is built for human oversight, end users and regulators alike can rest assured that its outputs are controllable for optimal risk management.
Accuracy, Robustness & Cybersecurity
The AI act demands the accuracy, robustness, and security of AI models. System architects need to test regularly and rigorously for these attributes to comply with these requirements. These processes ensure a system can deliver the accurate, robust, and secure results required by incoming regulation like the AI Act.
How Hawk AI’s Technology Addresses AI Act Requirements
Explainability and model governance processes are crucial for the use of AI in AML and fraud prevention. That’s why Hawk AI has built these features into our financial crime platform. Regulated banks will be well-equipped to comply with AI regulations when they use Hawk AI technology. Incorporating risk management processes allows the Hawk AI system to deliver faster and more accurate transactions analysis, significant reductions of false positives, and better risk rating results.